#-----------------------------------------------
# END USER CONFIGURATION
#-----------------------------------------------
# Destination ports whose inbound TCP traffic is handed to the HTTP_FILTER chain.
HTTP_PORT='7777'
HTTPS_PORT='443'

# Name (or path) of the iptables binary.
IPTABLES='iptables'

# Rate tiers 1-4. LIMITn is the per-source-IP rate given to the hashlimit
# match as --hashlimit-above, BURSTn the matching --hashlimit-burst value.
LIMIT1='10/sec'   BURST1='1'
LIMIT2='1/sec'    BURST2='30'
LIMIT3='30/min'   BURST3='60'
LIMIT4='30/hour'  BURST4='120'

#-----------------------------------------------
# IMPLEMENT
#-----------------------------------------------
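# Build the HTTP_FILTER chain. Inbound TCP packets to HTTP_PORT / HTTPS_PORT
# whose payload contains "HTTP/1." are passed through four per-source-IP
# hashlimit tiers; a packet above any tier's rate is logged and then dropped.

# Use the binary named in the configuration section instead of a hard-coded
# "iptables"; fall back to "iptables" when the variable is unset or empty.
: "${IPTABLES:=iptables}"

#######################################
# Append the LOG + DROP rule pair for one rate tier to HTTP_FILTER.
# Arguments: $1 - tier number (used in the hashlimit table names and the
#                 log prefix)
#            $2 - rate for --hashlimit-above (e.g. 10/sec)
#            $3 - value for --hashlimit-burst
# Notes:     LOG does not end rule traversal, so a logged packet goes on to
#            the DROP rule. The two rules use separate hashlimit tables
#            (different --hashlimit-name), so each keeps its own counters.
# NOTE(review): the LOG rule fires for every packet above the rate and has no
#            limit of its own; during a flood this can fill the kernel log.
#            Consider rate-limiting the LOG rule separately.
#######################################
http_filter_add_tier() {
  "$IPTABLES" -A HTTP_FILTER -m hashlimit \
    --hashlimit-above "$2" --hashlimit-burst "$3" \
    --hashlimit-mode srcip --hashlimit-name "http_filter${1}_log" \
    --hashlimit-htable-expire 30000 --hashlimit-htable-max 65535 \
    -j LOG --log-prefix "HTTP_FILTER${1} "
  "$IPTABLES" -A HTTP_FILTER -m hashlimit \
    --hashlimit-above "$2" --hashlimit-burst "$3" \
    --hashlimit-mode srcip --hashlimit-name "http_filter${1}" \
    --hashlimit-htable-expire 30000 --hashlimit-htable-max 65535 \
    -j DROP
}

# NOTE(review): -F without a chain argument flushes EVERY chain in the filter
# table, so rules installed by anything else on this host are removed too.
# It is kept because it is also what clears the previous HTTP_FILTER jumps
# from INPUT on a re-run; on a host with other filter rules, replace it with
# a cleanup scoped to the HTTP_FILTER jumps.
"$IPTABLES" -F

# Recreate the chain. On the first run HTTP_FILTER does not exist yet, so only
# delete it when it is present instead of emitting an error.
if "$IPTABLES" -n -L HTTP_FILTER >/dev/null 2>&1; then
  "$IPTABLES" -X HTTP_FILTER
fi
"$IPTABLES" -N HTTP_FILTER

# Narrower variant (disabled): only filter requests that also contain "item=".
# iptables -I INPUT -m string --algo bm --string 'HTTP/1.' -p tcp --dport $HTTP_PORT -m string --algo "bm" --string "item=" -j HTTP_FILTER
# iptables -I INPUT -m string --algo bm --string 'HTTP/1.' -p tcp --dport $HTTPS_PORT -m string --algo "bm" --string "item=" -j HTTP_FILTER

# Send packets that carry the literal "HTTP/1." to the filter chain.
# NOTE(review): traffic to HTTPS_PORT is normally TLS-encrypted, so the
# literal "HTTP/1." is not visible in the payload and the second rule is
# unlikely to ever match; HTTPS is then not rate-limited by this script.
# Limiting it needs a match that does not depend on payload content, or
# enforcement where TLS is terminated.
"$IPTABLES" -I INPUT -m string --algo bm --string 'HTTP/1.' -p tcp --dport "$HTTP_PORT" -j HTTP_FILTER
"$IPTABLES" -I INPUT -m string --algo bm --string 'HTTP/1.' -p tcp --dport "$HTTPS_PORT" -j HTTP_FILTER

# Tiers are evaluated in this order; the first DROP that matches ends
# traversal, and a packet under all four rates returns to INPUT.
http_filter_add_tier 1 "$LIMIT1" "$BURST1"
http_filter_add_tier 2 "$LIMIT2" "$BURST2"
http_filter_add_tier 3 "$LIMIT3" "$BURST3"
http_filter_add_tier 4 "$LIMIT4" "$BURST4"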
